What is the Security Admin?

Imagine someone somehow gets access to your WordPress admin dashboard.

If it was me, the first thing I'd do is fiddle with and disable any security plugins.

But with Shield's Security Admin module, this isn't a problem. When active this feature will prevent any user, admin or otherwise, from viewing or modifying any Shield options, as well as preventing the plugin from being deactivated.

We highly recommend turning on this option.

How do I activate the Security Admin?

Currently the security admin is authenticated with the 'Security Admin PIN'.

You can't turn on the security admin feature without first supplying the PIN.

On the main 'Disable Module' section, you must check on the checkbox and supply a key. You must remember this key, because you'll be asked for it later.

I never gave a key and now it's asking me for a key! What key is it talking about?

You mightn't think you supplied a key in the past because you can't remember giving it a key. But if it's asking you for a key, then you (or someone else) gave it a key.

Can you tell we get this question a lot? (though usually far less politely presented)

Still can't remember the key? See below...

How can I change my key and access Shield if I don't know the key?

You have 1 of 2 options. The 2nd is a little drastic and if you can do the 2nd, you can certainly do the 1st option - which is the recommended.

1. Follow the guide set out here. Once you've turned off the Shield plugin you can go in and set the access PIN to whatever you like, and then remove the 'forceoff' file.
2. Follow the guide set out here to reset your plugin to default settings.